D2D communication is a kind of communication that allows two user equipments to communicate with each other directly, potentially under some control of a communication network provider. The two user equipments may be referred to as a D2D pair. Examples of D2D communication include direct communication within a cluster of devices in proximity, autonomous D2D communication in a cellular network, etc.
Many studies have been conducted on support for network-supported D2D communication in the 3G mobile communication system, e.g. the Long Term Evolution (LTE) system. One example is the introduction of a D2D registration server function (DRSF) for registration, authentication and identification of D2D devices. A D2D device can register with the network using a D2D device identifier and a temporary user equipment identifier (e.g. S-TMSI). The DRSF can be located in a radio access network entity (e.g. an eNodeB or a femtocell), in a core network entity (e.g. a Mobile Management Entity), or in both with a hierarchical structure.
However, security-related procedures for D2D communication have not been fully specified. Currently, security keys for D2D communication are generated on the core network side. The key generation involves the Home Subscriber Server (HSS), Home Location Register (HLR), AAA server, or Mobile Management Entity (MME). The key generation may be initiated by the user equipment, the eNodeB or the MME. In the user equipment initiated solution, for example, each device of a D2D pair may generate a base value, derive a ciphering key from that base value, and send the base value to the MME. The MME can generate the ciphering keys from the base values, combine the keys and send the combined key to the D2D pair. Each device of the D2D pair can then obtain, from the combined key, a ciphering key that is the same as the ciphering key generated by the other device of the pair.
However, for a D2D service that will introduce a large number of devices, the participation of the core network entities will bring too much workload and signaling overhead to the backend, which is already struggling with its load today. It is desirable to generate the security keys for D2D communication without HSS/HLR/MME involvement.
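The user equipment initiated exchange described above can be sketched as follows. This is an added example, not taken from the original text. The text does not specify the key derivation or the combining function, so the HMAC-SHA256 derivation keyed with a per-subscriber secret, the XOR combination, and all names (`Device`, `MME`, `derive_key`, `ue-a`, `ue-b`) are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def derive_key(subscriber_secret: bytes, base_value: bytes) -> bytes:
    # Assumed KDF: HMAC-SHA256 keyed with a secret shared by the UE and the core network.
    return hmac.new(subscriber_secret, b"d2d-cipher" + base_value, hashlib.sha256).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Device:
    def __init__(self, name: str, subscriber_secret: bytes):
        self.name = name
        self.base_value = secrets.token_bytes(16)        # fresh base value per session
        self.own_key = derive_key(subscriber_secret, self.base_value)

    def recover_peer_key(self, combined: bytes) -> bytes:
        # Removing our own key from the combined key leaves the peer's key.
        return xor(combined, self.own_key)


class MME:
    def __init__(self, subscriber_db: dict):
        self.db = subscriber_db      # name -> subscriber secret (constructed sample data)
        self.messages = 0            # signaling messages handled by the core network

    def pair(self, name_a: str, base_a: bytes, name_b: str, base_b: bytes) -> bytes:
        self.messages += 2           # one base value received from each device
        key_a = derive_key(self.db[name_a], base_a)
        key_b = derive_key(self.db[name_b], base_b)
        self.messages += 2           # combined key sent back to each device
        return xor(key_a, key_b)     # assumed combining function


def run_exchange():
    db = {"ue-a": secrets.token_bytes(32), "ue-b": secrets.token_bytes(32)}
    a, b = Device("ue-a", db["ue-a"]), Device("ue-b", db["ue-b"])
    mme = MME(db)
    combined = mme.pair(a.name, a.base_value, b.name, b.base_value)
    return a, b, combined, mme.messages
```

Every pairing costs the MME two key derivations and four signaling messages in this sketch, which is the per-pair backend load the last paragraph refers to.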